001
014
015 package com.liferay.portal.kernel.util;
016
017 import com.liferay.portal.CookieNotSupportedException;
018 import com.liferay.portal.kernel.log.Log;
019 import com.liferay.portal.kernel.log.LogFactoryUtil;
020
021 import java.util.Collections;
022 import java.util.HashMap;
023 import java.util.Map;
024
025 import javax.servlet.http.Cookie;
026 import javax.servlet.http.HttpServletRequest;
027 import javax.servlet.http.HttpServletResponse;
028
029
033 public class CookieKeys {
034
035 public static final String COMPANY_ID = "COMPANY_ID";
036
037 public static final String COOKIE_SUPPORT = "COOKIE_SUPPORT";
038
039 public static final String GUEST_LANGUAGE_ID = "GUEST_LANGUAGE_ID";
040
041 public static final String ID = "ID";
042
043 public static final String JSESSIONID = "JSESSIONID";
044
045 public static final String LOGIN = "LOGIN";
046
047 public static final int MAX_AGE = (int)Time.YEAR;
048
049 public static final String PASSWORD = "PASSWORD";
050
051 public static final String REMEMBER_ME = "REMEMBER_ME";
052
053 public static final String REMOTE_PREFERENCE_PREFIX = "REMOTE_PREFERENCE_";
054
055 public static final String SCREEN_NAME = "SCREEN_NAME";
056
057 public static final String USER_UUID = "USER_UUID";
058
059 public static void addCookie(
060 HttpServletRequest request, HttpServletResponse response,
061 Cookie cookie) {
062
063 addCookie(request, response, cookie, request.isSecure());
064 }
065
066 public static void addCookie(
067 HttpServletRequest request, HttpServletResponse response, Cookie cookie,
068 boolean secure) {
069
070 if (!_SESSION_ENABLE_PERSISTENT_COOKIES || _TCK_URL) {
071 return;
072 }
073
074
075
076 String name = cookie.getName();
077
078 String originalValue = cookie.getValue();
079 String encodedValue = originalValue;
080
081 if (isEncodedCookie(name)) {
082 encodedValue = UnicodeFormatter.bytesToHex(
083 originalValue.getBytes());
084
085 if (_log.isDebugEnabled()) {
086 _log.debug("Add encoded cookie " + name);
087 _log.debug("Original value " + originalValue);
088 _log.debug("Hex encoded value " + encodedValue);
089 }
090 }
091
092 cookie.setSecure(secure);
093 cookie.setValue(encodedValue);
094 cookie.setVersion(0);
095
096
097
098
099 response.addCookie(cookie);
100 }
101
102 public static void addSupportCookie(
103 HttpServletRequest request, HttpServletResponse response) {
104
105 Cookie cookieSupportCookie = new Cookie(COOKIE_SUPPORT, "true");
106
107 cookieSupportCookie.setPath(StringPool.SLASH);
108 cookieSupportCookie.setMaxAge(MAX_AGE);
109
110 addCookie(request, response, cookieSupportCookie);
111 }
112
113 public static String getCookie(HttpServletRequest request, String name) {
114 return getCookie(request, name, true);
115 }
116
117 public static String getCookie(
118 HttpServletRequest request, String name, boolean toUpperCase) {
119
120 if (!_SESSION_ENABLE_PERSISTENT_COOKIES) {
121 return null;
122 }
123
124 String value = _get(request, name, toUpperCase);
125
126 if ((value == null) || !isEncodedCookie(name)) {
127 return value;
128 }
129
130 try {
131 String encodedValue = value;
132 String originalValue = new String(
133 UnicodeFormatter.hexToBytes(encodedValue));
134
135 if (_log.isDebugEnabled()) {
136 _log.debug("Get encoded cookie " + name);
137 _log.debug("Hex encoded value " + encodedValue);
138 _log.debug("Original value " + originalValue);
139 }
140
141 return originalValue;
142 }
143 catch (Exception e) {
144 if (_log.isWarnEnabled()) {
145 _log.warn(e.getMessage());
146 }
147
148 return value;
149 }
150 }
151
152 public static String getDomain(HttpServletRequest request) {
153
154
155
156 if (Validator.isNotNull(_SESSION_COOKIE_DOMAIN)) {
157 return _SESSION_COOKIE_DOMAIN;
158 }
159
160 String host = request.getServerName();
161
162 if (_SESSION_COOKIE_USE_FULL_HOSTNAME) {
163 return StringPool.BLANK;
164 }
165
166 return getDomain(host);
167 }
168
169 public static String getDomain(String host) {
170
171
172
173 if (host == null) {
174 return null;
175 }
176
177
178
179 if (Validator.isIPAddress(host)) {
180 return host;
181 }
182
183 int x = host.lastIndexOf(CharPool.PERIOD);
184
185 if (x <= 0) {
186 return null;
187 }
188
189 int y = host.lastIndexOf(CharPool.PERIOD, x - 1);
190
191 if (y <= 0) {
192 return StringPool.PERIOD + host;
193 }
194
195 int z = host.lastIndexOf(CharPool.PERIOD, y - 1);
196
197 String domain = null;
198
199 if (z <= 0) {
200 domain = host.substring(y);
201 }
202 else {
203 domain = host.substring(z);
204 }
205
206 return domain;
207 }
208
209 public static boolean hasSessionId(HttpServletRequest request) {
210 String jsessionid = getCookie(request, JSESSIONID, false);
211
212 if (jsessionid != null) {
213 return true;
214 }
215 else {
216 return false;
217 }
218 }
219
220 public static boolean isEncodedCookie(String name) {
221 if (name.equals(ID) || name.equals(LOGIN) || name.equals(PASSWORD) ||
222 name.equals(SCREEN_NAME) || name.equals(USER_UUID)) {
223
224 return true;
225 }
226 else {
227 return false;
228 }
229 }
230
231 public static void validateSupportCookie(HttpServletRequest request)
232 throws CookieNotSupportedException {
233
234 if (_SESSION_ENABLE_PERSISTENT_COOKIES &&
235 _SESSION_TEST_COOKIE_SUPPORT) {
236
237 String cookieSupport = getCookie(request, COOKIE_SUPPORT, false);
238
239 if (Validator.isNull(cookieSupport)) {
240 throw new CookieNotSupportedException();
241 }
242 }
243 }
244
245 private static String _get(
246 HttpServletRequest request, String name, boolean toUpperCase) {
247
248 Map<String, Cookie> cookieMap = _getCookieMap(request);
249
250 if (toUpperCase) {
251 name = StringUtil.toUpperCase(name);
252 }
253
254 Cookie cookie = cookieMap.get(name);
255
256 if (cookie == null) {
257 return null;
258 }
259 else {
260 return cookie.getValue();
261 }
262 }
263
264 private static Map<String, Cookie> _getCookieMap(
265 HttpServletRequest request) {
266
267 Map<String, Cookie> cookieMap =
268 (Map<String, Cookie>)request.getAttribute(
269 CookieKeys.class.getName());
270
271 if (cookieMap != null) {
272 return cookieMap;
273 }
274
275 Cookie[] cookies = request.getCookies();
276
277 if (cookies == null) {
278 cookieMap = Collections.emptyMap();
279 }
280 else {
281 cookieMap = new HashMap<String, Cookie>(cookies.length * 4 / 3);
282
283 for (Cookie cookie : cookies) {
284 String cookieName = GetterUtil.getString(cookie.getName());
285
286 cookieName = StringUtil.toUpperCase(cookieName);
287
288 cookieMap.put(cookieName, cookie);
289 }
290 }
291
292 request.setAttribute(CookieKeys.class.getName(), cookieMap);
293
294 return cookieMap;
295 }
296
297 private static final String _SESSION_COOKIE_DOMAIN = PropsUtil.get(
298 PropsKeys.SESSION_COOKIE_DOMAIN);
299
300 private static final boolean _SESSION_COOKIE_USE_FULL_HOSTNAME =
301 GetterUtil.getBoolean(
302 PropsUtil.get(PropsKeys.SESSION_COOKIE_USE_FULL_HOSTNAME));
303
304 private static final boolean _SESSION_ENABLE_PERSISTENT_COOKIES =
305 GetterUtil.getBoolean(
306 PropsUtil.get(PropsKeys.SESSION_ENABLE_PERSISTENT_COOKIES));
307
308 private static final boolean _SESSION_TEST_COOKIE_SUPPORT =
309 GetterUtil.getBoolean(
310 PropsUtil.get(PropsKeys.SESSION_TEST_COOKIE_SUPPORT));
311
312 private static final boolean _TCK_URL = GetterUtil.getBoolean(
313 PropsUtil.get(PropsKeys.TCK_URL));
314
315 private static Log _log = LogFactoryUtil.getLog(CookieKeys.class);
316
317 }